[Pkg-mediawiki-devel] Bug#696179: mediawiki-extensions-base: RSS_Reader Javascript injection
Jonathan Wiltshire
jmw at debian.org
Wed Dec 26 17:53:20 UTC 2012
On Thu, Dec 20, 2012 at 10:37:22AM +0100, Thorsten Glaser wrote:
> On Wed, 19 Dec 2012, Giuseppe Iuculano wrote:
>
> > On 17/12/2012 18:21, Jonathan Wiltshire wrote:
> [ Debian ]
> > > Security team: is it too late to get a CVE through you now that a public
> > > bug has been filed? And should a DSA be prepared, as I have not looked
> > > but can be fairly sure this will affect stable.
> >
> > yes, if it is public, we cannot assign a CVE. you can ask
> > cve-assign at mitre.org to request one.
>
> Okay, doing that.
>
> Hello MITRE people,
[...]
Did you hear anything about this yet?
--
Jonathan Wiltshire jmw at debian.org
Debian Developer http://people.debian.org/~jmw
4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51
<directhex> i have six years of solaris sysadmin experience, from
8->10. i am well qualified to say it is made from bonghits
layered on top of bonghits
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-mediawiki-devel/attachments/20121226/99bc5120/attachment.pgp>
More information about the Pkg-mediawiki-devel
mailing list